Security_exception on Kibana after x-pack installation

koalabear974 · November 22, 2017, 5:00pm

Hallo !
Just installed x-pack and generated the password with the setup-password script.

I can access elasticsearch and kibana via their simple htaccess with their respectiv password, so far so good.

Now in kibana console I check my current use with:

GET /_xpack/security/_authenticate
and get:
"username": "kibana",
"roles": [
"kibana_system"
]

But whenever I make a simple search on one of my indexes:

{
"type": "security_exception",
"reason": "action [indices:data/read/search] is unauthorized for user [kibana]"
}

What I've tried so far:

Use elastic user and password inside kibana config file: Didn't change kibana user and permission
Tried to modify any roles or access: either via kibana console same security_exception, either via x-pack command line with I get ERROR: Invalid username [kibana]... Username [kibana] is reserved and may not be used.
Install x-pack on kibana aswell, didn't find any more solution

Info about my setup:

Just updated to 6.0 for ES and Kibana
Everything local so far

At the end, I would just like to be able to add a security for Kibana in the perspective of access the installation on my server. The only way to do that is I guess by installing x-pack everywhere.

I'm lost in every documentation as they talk about ssl and all which is not needed for me here.
Stuck between the impossibility to modify built-in roles, and built-in roles not able to access anything.

I might have missed something really simple, anybody here that can point it out for me ?
Thanks for the help !

bhavyarm · November 22, 2017, 9:19pm

Hi Adrien,

I am not quite sure whats happening. So, let's start at the beginning.

Can you please let me know if you:

Installed elasticsearch 6.0 and installed x-pack on it?
Started elasticsearch?
Generated password for Kibana, Logstash, and elastic by using interactive setup
Installed Kibana 6.0 and installed x-pack on it?
Added elastic username and password in kibana.yml?

If you went through all these steps - you should be able to ingest data into Elasticsearch and access it using Kibana.
You can login using your elastic username and password. Please also note you are trial license when you just download and install the stack from the website. Trial is valid for a month and it doesn't require ssl.

X-Pack has 3 basic license levels. Out of which basic is free - but there is no security in it. Lots of our users use proxies to set up their own authentication. The security part of x-pack is available with gold/platinum license.

https://www.elastic.co/guide/en/x-pack/current/index.html

Hope this helps.

Thanks,
Bhavya

koalabear974 · November 23, 2017, 9:11am

Hi Bhavyarm,

Thanks for your answer.
Yes I've tried all the step you mention, but maybe not in this order.
I'll try once more following you steps.

Thanks again for your help

system · December 21, 2017, 9:11am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.